control, and governance
Unchecked Authority Exposes Organizations to Countless Frauds
Without adequate internal controls, individuals in management positions can abuse their power, resulting in significant monetary damage to the organization.
Lack of internal controls is the most common catalyst of fraud, according to The Association of Certified Fraud Examiners' (ACFE) 2008 Report to the Nation on Occupational Fraud and Abuse. Thirty-five percent of respondents cited inadequate internal controls as a primary contributing factor in the frauds they investigated, while 17 percent cited lack of management review and override of existing controls.
In organizations that lack internal controls and direct oversight, billing schemes account for 24 percent of asset misappropriation and result in a median loss of US $100,000, the ACFE report shows. Billing schemes, according to the report, are defined as any scheme in which a person causes his or her employer to issue a payment by submitting invoices for fictitious goods or services, inflated invoices, or invoices for personal purchases.
Managing the Business Risk of Fraud: A Practical Guide — sponsored by The Institute of Internal Auditors, The American Institute of Certified Public Accountants, and ACFE — recommends that organizations ensure controls are in place to protect tangible and intangible assets. To do this, organizations must gain an understanding of what assets are subject to misappropriation, the locations where the assets are maintained, and which personnel have control over or access to tangible or intangible assets.
"The One-woman Show," featured in the August 2007 issue of Internal Auditor magazine, gives an example of a billing scheme where a chief operating officer with unchecked authority circumvented the normal invoice approval process to help a businessman with legal problems.
COMMENT ON THIS ARTICLE
Internal Auditor is pleased to provide you an opportunity to share your thoughts about the articles posted on this site. Some comments may be reprinted elsewhere, online, or offline. We encourage lively, open discussion and only ask that you refrain from personal comments and remarks that are off topic. Internal Auditor reserves the right to edit/remove comments.